# Dockerfile for vulnerable Redis instance (CVE-2025-49844)
# Using Redis version 7.2.0 which is vulnerable to RediShell

FROM redis:7.2.0

# Create custom redis configuration
# WARNING: This is intentionally insecure for lab testing only!
RUN mkdir -p /usr/local/etc/redis && \
    echo "protected-mode no" > /usr/local/etc/redis/redis.conf && \
    echo "bind 0.0.0.0" >> /usr/local/etc/redis/redis.conf && \
    echo "port 6379" >> /usr/local/etc/redis/redis.conf && \
    echo "daemonize no" >> /usr/local/etc/redis/redis.conf && \
    echo "loglevel notice" >> /usr/local/etc/redis/redis.conf

# Expose Redis port
EXPOSE 6379

# Start Redis server with custom config
CMD ["redis-server", "/usr/local/etc/redis/redis.conf"]
